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- The MAILING DATE of this communication appears on the cover sheet with the correspondence address - 
Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) OR THIRTY (30) DAYS, 
WHICHEVER IS LONGER, FROM THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .1 36(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. y 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 1 33). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1 )[3 Responsive to communication(s) filed on 13 February 2004 . 
2a)D This action is FINAL. 2b)£3 This action is non-final. 

3) Q Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 1 1 , 453 O.G. 213. 

Disposition of Claims 

4) E3 Claim(s) 7-72 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) Q Claim(s) is/are allowed. 

6) Q Claim(s) 7-72 is/are rejected. 

7) D Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) Q The specification is objected to by the Examiner. 

10)[EI The drawing(s) filed on 13 February 2004 is/are: a)[KI accepted or b)Q objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 

Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 
1 1 )□ The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-1 52. 

Priority under 35 U.S.C. § 119 

12)^ Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or (f). 
aM AH b)D Some * c)Q None of: 

1 .£3 Certified copies of the priority documents have been received. 

2.Q Certified copies of the priority documents have been received in Application No. . 



3.Q Copies of the certified copies of the priority documents have been received in this National Stage 
application from the International Bureau (PCT Rule 17.2(a)). 
See the attached detailed Office action for a list of the certified copies not received. 



Attachment(s) 

1) £3 Notice of References Cited (PTO-892) 4) □ Interview Summary (PTO-413) 

2) □ Notice of Draftsperson's Patent Drawing Review (PTO-948) Paper No(s)/Mail Date. . 

3) £3 Information Disclosure Statement(s) (PTO/SB/08) 5 ) D Notice of Informal Patent Application 

Paper No(s)/Mail Date 02/13/2004 and 12/04/2006 . 6) □ Other: . 

U.S. Patent and Trademark Office ~ -~— — 

PTOL-326 (Rev. 08-06) Office Action Summary Part of Paper No./Mail Date 2007091 1 
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DETAILED ACTION 

1. Claims 1-12 are pending. 

Claim Rejections - 35 USC § 102 

2. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for 
the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351 (a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 

3. Claims 1, 6 t 7 and 12 are rejected under 35 U.S.C. 102(e) as being anticipated by Dillon et al 
(Dillon), US Pub. No. 2003/0172264. 

As per claim 1 , Dillon discloses: 

A security method for operator access control of a network management system, the method 
comprising: (page 2, paragraph 11, "The method also includes filtering the plurality of packets, according 
to a security policy, to establish a connection for accelerating the filtered packets over a network ) 

- performing an Internet Protocol (IP) filtering to determine whether or not an inputted 
Internet Protocol address of an external operator is a preset Internet Protocol address using one of 
either a Transmission Control Protocol/Internet protocol (TCP/IP) or a User Datagram 
Protocol/Internet protocol (UDP/IP); (page 4, paragraph 46, "This arrangement also permits the firewall 
1 19 to have access to the data after the packet has been restored back to native TCP so that the firewall 
119 can properly provide access control checking on the restored TCP connections and packets. 
Specifically, the firewall 119 controls the types of packets entering and leaving the PEP peer 101 , 
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using a number of methods, including packet filtering, proxy service, and stateful inspection, for 
example. The firewall 119 can apply various filters, which can be based on IP address") 

- connecting the external operator to a communication system by either inputting an 
Identifier/Password or by setting communities upon a determination that the Internet Protocol address 
of the external operator is a preset Internet Protocol address. (Page 14, paragraph 145, "As noted, the 
mapping of TCP connections to a PEP peer can be performed by a routing table (shown as "R"). In this 
example, the terminal 305 maintains the routing table, which identifies the PEP peer's IP address 
and contains one or more IP address masks in such a way that a destination IP address of a TCP 
connection matches one or more of the IP address masks"). 

As per claim 6, Dillon discloses: 

The security method according to claim 1, where the external operator comprises one 
of a telnet terminal or an Element Management System (EMS) server. (Page 14, paragraph 146, "In one 
scenario, the host 301 seeks to communicate with the server 313 (e.g., web server) within the Internet") 

Claim 7 is rejected under the same reason set forth in rejection of claim 1: 
Claim 12 is rejected under the same reason set forth in rejection of claim 6: 

t ■ 

Claim Rejections - 35 USC § 103 

4. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all obviousness 

rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 1 02 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 
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5. Claims 2-5 and 8-1 1 are rejected under 35 U.S.C. 103(a) as being unpatentable over Dillon, US 
Pub. No. 2003/0172264, and further in view of Yang-Huffman, US Pub. No. 2003/0115316. 

As per claim 2, Dillon discloses: 

The security method according to claim 1 , wherein performing an Internet Protocol (IP) 
filtering comprises: selecting whether to discard or accept a Simple Network Management Protocol 
(SNMP) packet to be inputted or outputted; (page 10, paragraph 110, "As with the prioritization criteria 
(rules) the AND and OR combination operators can be used to link criteria together. For example, using 
the AND combination operator, a rule can be defined to select a path for SNMP data received from a 
specific host ) 

- selectively accepting a request for the Simple Network Management Protocol (SNMP) 

packet if the row is used as an egress policy, while not outputting a response packet; (page 10, 
paragraph 110, "As with the prioritization criteria (rules) the AND and OR combination operators can be 
used to link criteria together. For example, using the AND combination operator, a rule can be defined to 
select a path for SNMP data received from a specific hosf) and (page 12, paragraph 126, ' Egress 
prioritization is also applied before forwarding packets to the access network 307) 

- selectively outputting the response packet for the Simple Network Management Protocol 
(SNMP) packet if the row is used as an ingress policy, while not allowing accepting the request for the 
Simple Network Management Protocol (SNMP) packet, (page 10, paragraph 110, "As with the 
prioritization criteria (rules) the AND and OR combination operators can be used to link criteria together. 
For example, using the AND combination operator, a rule can be defined to select a path for SNMP 
data received from a specific hosf) and (page 12, paragraph 126, "On the ingress side, prioritization is 
used to control access to buffer space and other resources in the PEP peer 107, generally and with . 
respect to TCP spoofing"). 

Dillon dose not explicitly discloses, Management Information Base (MIB). On the other hand, the 
same field of endeavor, Yang-Huffman teaches this limitation as 
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creating a row after setting a filtering range for objects that are implemented by a 
Management Information Base (MIB); (page 1, paragraph 7, "An SNMP GetNext operation is generally 
a command to retrieve information regarding a row in a MIB table which immediately succeeds a row 
identified by a particular OID"). Where "retrieve information regarding a row in a MIB table" inherently 
indicate the row is created. 

- Therefore, it would have been obvious to one of ordinary skill in the art, at the time of the 
invention was made, to modify the teaching of Dillon and include the "creation a row implemented by 
Management Information Base (MIB)" using the teaching of Yang-Huffman. The modification would be 
obvious because one of ordinary skill in the art would be motivated to add a row that are implemented by 
a MIB to the system for having a better way of scanning a table to finding the value of an object. (Pagel , 
Paragraph 8) 

As per claim 3, Dillon discloses 

The security method according to claim 2, wherein creating a row after setting a filtering range for 
objects that are implemented by a Management Information Base (MIB) comprises: determining a 
Policyld (Pld) as to whether or not to adopt a certain packet processing method; (page 2, paragraph 
11, "The method also includes filtering the plurality of packets, according to a security policy, to 
establish a connection for accelerating the filtered packets over a network ") 

- finding a row in a FilterPolicy table, the row having a relevant value based on the determined 
Policyld value; reading a pointer value of the row found in the FilterPolicy table; and finding a relevant 
row in a Filterlp table using the previously read pointer value as an index number, and then determining 
whether or not operator access is permitted based on conditions for an Internet Protocol (IP) 
address and a port number set in the relevant row to process a packet. (Abstract, line 1-5, "An approach 
for providing integrated firewall and network acceleration functions is disclosed. An integrated firewall and 
network accelerator filters packets received from a host, according to a security policy, to establish 
a connection for accelerating the filtered packets over a network ) and (page 4, paragraph 46, 
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"Specifically, the firewall 119 controls the types of packets entering and leaving the PEP peer 101, 
using a number of methods, including packet filtering, proxy service, and stateful inspection, for 
example. The firewall 119 can apply various filters, which can be based on IP address, domain name, 
communication protocol, and port, for example"). 

As per claim 4, Dillon discloses: 

The security method according to claim 3, wherein the Filterlp table, in which items of the 
conditions for determining whether or not the operator access is permitted are recorded, comprises: an 
index number field using a pointer value corresponding to the policyld as an index, an Internet Protocol 
(IP) address field, an Internet Protocol (IP) address mask field, a port number field, a protocol 
field, a control field, and a row status field, (page 4, paragraph 46, 'firewall 119 can properly provide 
access control checking on the restored TCP connections and packets. Specifically, the firewall 119 
controls the types of packets entering and leaving the PEP peer 101, using a number of methods, 
including packet filtering, proxy service, and stateful inspection, for example. The firewall 1 19 can apply 
various filters, which can be based on IP address, domain name, communication protocol, and port, 
for example"). Further Dillon disclosed (page 14, paragraph 145, "the terminal 305 maintains the routing 
table, which identifies the PEP peer's IP address and contains one or more IP address masks in such 
a way that a destination IP address of a TCP connection matches one or more of the IP address 
masks"). 

Claim 5 is rejected under the same reason set forth in rejection of claim 4 and further Dillon 
discloses: 

- a syntax of each of the Internet Protocol (IP) address field and the Internet Protocol (IP) 
address mask field is of an Internet Protocol (IP) address type. (Page 4, paragraph 46, "The firewall 
119 can apply various filters, which can be based on IP address domain name, communication protocol, 
and port") 
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Dillon dose not explicitly discloses, integer type. On the other hand, the same field of endeavor, 
Yang-Huffman teaches this limitation as: 

The security method according to claim 4, wherein a syntax of each of the index number field, the 
port number field, the protocol field, the control field and the row status field is of an integer type (page 1 , 
paragraph 5, "Each object is generally associated with a unique identifier and generally consists of a 
sequence of integers") 

Therefore, it would have been obvious to one of ordinary skill in the art, at the time of the 
invention was made, to modify the teaching of Dillon and include integers using the teaching of 
Yang-Huffman. The modification would be obvious because one ordinary skill in the art would be 
motivated to add an integers to the system for having a better way of identifying system. 

Claim 8 is rejected under the same reason set forth in rejection of claim 2: 
Claim 9 is rejected under the same reason set forth in rejection of claim 3: 
Claim 10 is rejected under the same reason set forth in rejection of claim 4: 
Claim 1 1 is rejected under the same reason set forth in rejection of claim 5: 



Conclusion 

1 . The prior art made or record and not relied upon is considered pertinent to applicant's disclosure. 

TITLE: Systems and methods for packet sequencing, US Pub. No. 2002/0032798. 

TITLE: Systems and methods for packet distribution, US Pub. No. 2002/0038339. 

TITLE: Method for scrambling information about network devices that is placed in email message, US 

Pub. No. 2005/0278429. 

Any inquiry concerning this communication or earlier communications from the examiner should 
be directed to Teshome Hailu whose telephone number is (571) 270-3159. The examiner can normally 
be reached on Mon-Fri 7:30a.m. to 5:00p.m. PST. 
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If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, 
Chamili Das can be reached on (571 ) 272-3696. The fax phone number for the organization where this 
application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the Patent Application 
Information Retrieval (PAIR) system. Status information for published applications may be obtained from 
either Private PAIR or Public PAIR. Status information for unpublished applications is available through 
Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) 
at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative 
or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272- 
1000. 

Teshome Hailu 
Patent Examiner 
TH 



CHAMELI DAS . Mim 
SUPERVISORY PATENT EXAMINER 
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